7 Replies Latest reply on Nov 3, 2015 8:01 AM by mark_baum

    Access Place Permissions via API

      Hi,

       

      is there a way to get place permissions by an API call ie I want to query all permitted users and securityGroups for a certain place.

       

      Thanks, Simon

        • Re: Access Place Permissions via API

          OK... So this might take some spelunking on our part, but a starting point is understanding what version of Jive you are using. In 6.0/Cloud, we've got significantly more API coverage. In fact, security groups are exposed there: https://developers.jivesoftware.com/api/v3/rest/SecurityGroupEntity.html, as well as more information on spaces, https://developers.jivesoftware.com/api/v3/rest/SpaceEntity.html

            • Re: Access Place Permissions via API

              We are using Jive6.0.0 internally hosted (non cloud version) with api v3. I've already read the api docs but found nothing relevant. Let me describe my use case in more detail:

               

              I have configured permissions for a space S with a securityGroup G and several Users A,B,C that should have access to this space. Now, when getting ie the blog of this space by an api call (authenticated as admin user) I'm missing information of the (inherited) permission settings in the json response. I also could not find anything that looks like permission information in the corresponding resources object. don't now whether (place/space) permission information is exposed at all... just hope there is some way to get the permission information (without accessing the database scheme directly)

               

              Thanks for your help, Simon

            • Re: Access Place Permissions via API

              There are APIs that allow a Jive admin user to access and manipulate security groups and their members, but there is not an ability to map security group membership to permissions on a particular place.

                • Re: Access Place Permissions via API

                  I've added an internal feature request for us to track any potential work on this.

                    • Re: Access Place Permissions via API

                      Mark:

                       

                      Until I ran across this thread (which stopped me in my tracks); I've been considering for a long time now creating an app that allow regular (non-admin) users to see  "membership" in a particular space by determining:

                       

                      1) the security group(s) associated with a space and

                      2) the membership of those security groups.

                       

                      The app would produce a paginated list of those members with some additional light functionality such as maybe the ability to email any or all of the "members".

                       

                      I realize there would be several things to consider here, including:

                       

                      1) API calls to get security group information are restricted to Jive Admins, so there would need to be some type of "run as" facility to allow regular users this access to get the data

                      2) Users would only be able to see other "members" of a space where they too are already a member (hence, in the security group)

                      3) Some definition of "membership" (i.e. everyone who has view access to the space would be considered a member, even if they weren't allowed to say, create content) would need to be established as a baseline.

                       

                      I realize that we do not do this in the v3 APIs, is there any thought to including this type of functionality to the upcoming version of the APIs?  While not a necessity, I think it could make for a slick little app - we do have plenty of customers who create "private" spaces using security groups.

                       

                      What do you think?  Does this idea have any merit?

                       

                      Thanks,

                       

                      -Matt

                  • Re: Access Place Permissions via API
                    jpadilla

                    I assume 2 years later there is still no support to query for permissions on spaces/places? I'm getting the content on the place but I need to only display the public content. Using v9 cloud instance.

                     

                    It would be nice to have an attribute similar to when querying for group:

                     "groupType" : "SECRET",
                    • Re: Access Place Permissions via API
                      mark_baum

                      The Admin Console in V7 leaves a lot to be desired in terms of visualizing which spaces inherit permissions and which have custom permissions. Unless I'm missing something, you have to click-click-click through all the hierarchies to see each one.

                       

                      I was hoping to use the API to pull this information and draw my own chart, but it sounds like this isn't an option.

                       

                      Maybe it's available in v8?  Please let us know... Thanks!

                       

                      PS My current use case is that I want to use point-based moderation, and it appears that I have to set up distinct moderation permissions on every space that doesn't inherit permissions. Otherwise it seems that the moderated content ends up in a black hole from the point of view of my admin account. I'm not aware of a place in the Admin Console where I can go to see all moderated content either... Am I missing something here?